Commit graph

4852 commits

Author SHA1 Message Date
William Pitcock
64620d8980 activitypub: user view: do not expose oAuth endpoints for instance users 2019-02-14 02:41:21 +00:00
William Pitcock
e9ef4b8da6 oauth: never use base64 padding when returning tokens to applications
The normal Base64 alphabet uses the equals sign (=) as a padding character.  Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
2019-02-14 01:10:04 +00:00
William Pitcock
889ad95a2a tests: add some reserialization tests based on IR differences 2019-02-14 00:59:18 +00:00
William Pitcock
e05bf2940f activitypub: transmogrifier: correctly handle nil inReplyTo value 2019-02-14 00:35:54 +00:00
William Pitcock
94cbbb0e3a activitypub: transmogrifier: do not attempt to expand pre-existing AS2 tag objects 2019-02-14 00:35:53 +00:00
kaniini
1ef4741861 Merge branch 'feature/better-login-errors' into 'develop'
Improve login error for OAuth flow

See merge request pleroma/pleroma!824
2019-02-13 23:42:11 +00:00
Mark Felder
f62c1d6266 Improve login error for OAuth flow 2019-02-13 22:33:22 +00:00
Ivan Tashkinov
063baca5e4 [#468] User UI for OAuth permissions restriction. Standardized storage format for scopes fields, updated usages. 2019-02-14 00:29:29 +03:00
William Pitcock
d54c483964 tests: add tests for endpoints 2019-02-13 19:48:24 +00:00
William Pitcock
9bd6ed975e activitypub: user view: use route helpers instead of hardcoded URIs 2019-02-13 19:34:43 +00:00
William Pitcock
29e946ace4 activitypub: user view: add oauthRegistrationEndpoint to user profiles 2019-02-13 19:34:43 +00:00
William Pitcock
db8abd958d activitypub: user view: fix up endpoints rendering 2019-02-13 19:34:43 +00:00
William Pitcock
dd989962e6 litepub schema: add oauthRegistrationEndpoint [ci skip] 2019-02-13 19:34:43 +00:00
William Pitcock
90facd3598 user view: add AP C2S oauth endpoints to local user profiles 2019-02-13 19:34:43 +00:00
Karen Konou
bef9b9cb66 refactored code 2019-02-13 16:23:09 +01:00
Karen Konou
adcdd21f16 Merge branch 'develop' into hellthread-filter-fix 2019-02-13 16:22:14 +01:00
rinpatch
99f955cd9e Merge branch 'mass-follow-fixes' into 'develop'
User.follow_all: Respect blocks in both directions.

See merge request pleroma/pleroma!823
2019-02-13 13:04:23 +00:00
lain
88a4de24f9 User.follow_all: Respect blocks in both directions. 2019-02-13 13:52:27 +01:00
Maxim Filippov
760fec4cb8 Update token.ex 2019-02-13 12:59:56 +03:00
Maxim Filippov
62a45bdc11 Add revoke token 2019-02-13 12:59:56 +03:00
Maxim Filippov
61a4bc5095 Add OAuth tokens endpoint 2019-02-13 12:59:56 +03:00
kaniini
33f8f3c33a Merge branch 'doc/mark-streaming-feature-for-apps-2' into 'develop'
Mark streaming feature for desktop apps in Clients.md

See merge request pleroma/pleroma!818
2019-02-13 07:51:14 +00:00
Hakaba Hitoyo
16b7c07115 Mark streaming feature for desktop apps in Clients.md 2019-02-13 07:51:14 +00:00
kaniini
4bdb2d44c2 Merge branch 'bugfix/mdii-uploader' into 'develop'
Bugfix for MDII Uploader

See merge request pleroma/pleroma!822
2019-02-13 07:32:56 +00:00
hakabahitoyo
b7bc666200 bugfix mdii uploader 2019-02-13 15:46:42 +09:00
Karen Konou
1d727cd069 added checks for public url and follower collections 2019-02-13 00:01:34 +01:00
kaniini
0534463cef Merge branch 'feature/csp_mastofe-dev' into 'develop'
Add CSP for mastofe development, remove secure-cookies in MIX_ENV=dev

See merge request pleroma/pleroma!820
2019-02-12 22:41:46 +00:00
Haelwenn (lanodan) Monnier
da4c662af3
Plugs.HTTPSecurityPlug: Add webpacker to connect-src 2019-02-12 22:12:12 +01:00
Haelwenn (lanodan) Monnier
00e8f0b07d
Plugs.HTTPSecurityPlug: Add unsafe-eval to script-src when in dev mode
This is needed to run dev mode mastofe at the same time
2019-02-12 22:12:11 +01:00
Haelwenn (lanodan) Monnier
71ce564ecc
config/dev.exs: Don’t put secure cookies on dev 2019-02-12 21:50:47 +01:00
Haelwenn
c71b3a1b12 Merge branch 'fix-csp-upgrade-insecure-requests-check' into 'develop'
Fix CSP check for 'upgrade-insecure-requests'

See merge request pleroma/pleroma!814
2019-02-12 02:44:23 +00:00
Haelwenn
e1983fca8d Merge branch 'doc/mark-streaming-feature-for-apps' into 'develop'
Mark streaming feature for mobile/web apps in Clients.md

See merge request pleroma/pleroma!816

[ci skip]
2019-02-12 02:35:15 +00:00
Hakaba Hitoyo
84f22d1cb8 Mark streaming feature for mobile/web apps in Clients.md 2019-02-12 02:35:15 +00:00
Mark Felder
c984e8272a Formatting 2019-02-12 00:37:22 +00:00
Mark Felder
4956ab5ea3 Fix compile 2019-02-12 00:25:12 +00:00
Mark Felder
ac7ef0999d WIP: Fix Twitter Cards
Twitter cards were not passing any useful metadata. A few things were
being handled on Twitter's end by trying to match OpenGraph tags with
their own, but it wasn't working at all for media. This is an attempt to
fix that.

Common functions have been pulled out of opengraph and put into
utils. Twitter's functionality was entirely replaced with a direct copy
of Opengraph's and then modified as needed.

Profiles are now represented as Summary Cards

Posts with images are now represented as Summart with Large Image Cards

Posts with video and audio attachments are represented as Player Cards.

This now passes the Twitter Card Validator.

Validator and Docs are below

https://cards-dev.twitter.com/validator
https://developer.twitter.com/en/docs/tweets/optimize-with-cards/overview/abouts-cards
2019-02-11 23:59:04 +00:00
shibayashi
ea1058929c
Use url[:scheme] instead of protocol to determine if https is enabled 2019-02-12 00:08:52 +01:00
kaniini
39548c3824 Merge branch 'bugfix/keyword-policy-check-summary' into 'develop'
Filter summary field in KeywordPolicy

See merge request pleroma/pleroma!812
2019-02-11 18:45:15 +00:00
rinpatch
379d04692c Filter summary in keywordpolicy 2019-02-11 21:35:40 +03:00
rinpatch
39383a6b79 Merge branch 'feature/thread-muting' into 'develop'
Feature/thread muting

See merge request pleroma/pleroma!796
2019-02-11 15:02:14 +00:00
lambda
044616292b Merge branch 'feature/rich-media-limits' into 'develop'
rich media: tighten fetching timeouts and size limits

See merge request pleroma/pleroma!809
2019-02-11 12:33:58 +00:00
Karen Konou
ac72b578da Merge branch 'develop' into feature/thread-muting 2019-02-11 12:10:49 +01:00
Karen Konou
c01ef574c1 Refactor as per Rin's suggestions, add endpoint tests 2019-02-11 12:04:02 +01:00
lambda
48552b38b2 Merge branch 'revert-e0de0fcf' into 'develop'
Revert "Merge branch 'object-creation' into 'develop'"

See merge request pleroma/pleroma!810
2019-02-11 08:22:54 +00:00
lambda
d53e36bf1e Revert "Merge branch 'object-creation' into 'develop'"
This reverts merge request !802
2019-02-11 08:07:39 +00:00
Egor Kislitsyn
305d219413 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/jobs
# Conflicts:
#	lib/pleroma/web/federator/federator.ex
#	lib/pleroma/web/websub/websub.ex
2019-02-11 13:54:21 +07:00
Haelwenn (lanodan) Monnier
74579115a7
test: Change lenght(…) == 0 to Enum.empty?(…) 2019-02-11 03:44:16 +01:00
Haelwenn (lanodan) Monnier
8bb7e19b38
test: de-group alias/es 2019-02-11 03:44:15 +01:00
Haelwenn (lanodan) Monnier
89b6f255b4
.credo.exs: Add test directory as well 2019-02-10 22:56:47 +01:00
William Pitcock
45e57dd187 rich media: tighten fetching timeouts and size limits 2019-02-10 21:54:08 +00:00